#windows

LG Simple Editor versions 3.21.0 and below suffer from an unauthenticated command injection vulnerability. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of NT AUTHORITY\SYSTEM.

Feberr version 13.4 suffers from an ignored default credential vulnerability.

Farmacia Gama version 1.0 suffers from a cross site scripting vulnerability.

Ecommerce version 1.15 suffers from an ignored default credential vulnerability.

Covid-19 Contact Tracing System version 1.0 suffers from a cross site scripting vulnerability.

Car Rental Management System version 1.0 suffers from a cross site scripting vulnerability.

BloodBank version 1.1 suffers from an ignored default credential vulnerability.

Bhojon Restaurant Management System version 2.9 suffers from an ignored default credential vulnerability.

FlatPress version 1.3.1 suffers from a path traversal vulnerability.

SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug. "SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability